WO2010053739A3 - Method and system for restricting file access in a computer system - Google Patents

Method and system for restricting file access in a computer system Download PDF

Info

Publication number
WO2010053739A3
WO2010053739A3 PCT/US2009/062074 US2009062074W WO2010053739A3 WO 2010053739 A3 WO2010053739 A3 WO 2010053739A3 US 2009062074 W US2009062074 W US 2009062074W WO 2010053739 A3 WO2010053739 A3 WO 2010053739A3
Authority
WO
WIPO (PCT)
Prior art keywords
security policy
file
file access
computer system
access
Prior art date
Application number
PCT/US2009/062074
Other languages
French (fr)
Other versions
WO2010053739A2 (en
Inventor
Rafel Rafi Ivgi
Original Assignee
Aspect9, Inc.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Aspect9, Inc. filed Critical Aspect9, Inc.
Publication of WO2010053739A2 publication Critical patent/WO2010053739A2/en
Publication of WO2010053739A3 publication Critical patent/WO2010053739A3/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database

Abstract

A computer-implemented method is provided of controlling file access in a computer system. The method includes: (a) reading file association information; (b) building a security policy in accordance with the file association information comprising rules that restrict the access of applications to files based on file type, format, or extension; and (c) providing additional rules for the security policy not based on the file association information; (d) storing the security policy; and (e) controlling file access in accordance with the security policy.
PCT/US2009/062074 2008-11-09 2009-10-26 Method and system for restricting file access in a computer system WO2010053739A2 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US12/267,600 US20100122313A1 (en) 2008-11-09 2008-11-09 Method and system for restricting file access in a computer system
US12/267,600 2008-11-09

Publications (2)

Publication Number Publication Date
WO2010053739A2 WO2010053739A2 (en) 2010-05-14
WO2010053739A3 true WO2010053739A3 (en) 2010-07-29

Family

ID=42153483

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2009/062074 WO2010053739A2 (en) 2008-11-09 2009-10-26 Method and system for restricting file access in a computer system

Country Status (2)

Country Link
US (1) US20100122313A1 (en)
WO (1) WO2010053739A2 (en)

Families Citing this family (47)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2466455A (en) * 2008-12-19 2010-06-23 Qinetiq Ltd Protection of computer systems
TWI407327B (en) * 2009-11-24 2013-09-01 Phison Electronics Corp Method and system for processing data, and storage device controller
US8631346B2 (en) * 2010-05-12 2014-01-14 Red Hat, Inc. File conversion initiated by renaming of file extension
US8458741B2 (en) * 2010-05-27 2013-06-04 Sony Corporation Provision of TV ID to non-TV device to enable access to TV services
US8417962B2 (en) * 2010-06-11 2013-04-09 Microsoft Corporation Device booting with an initial protection component
CN101951443A (en) * 2010-09-25 2011-01-19 宇龙计算机通信科技(深圳)有限公司 File security method, system and mobile terminal
KR101156227B1 (en) * 2010-11-22 2012-06-18 주식회사 파수닷컴 File processing device for executing preprocessed file and recording medium for executing preprocessed file
CN102622537A (en) * 2011-01-31 2012-08-01 中兴通讯股份有限公司 Method and device for processing virus file
US9262246B2 (en) 2011-03-31 2016-02-16 Mcafee, Inc. System and method for securing memory and storage of an electronic device with a below-operating system security agent
US8813227B2 (en) 2011-03-29 2014-08-19 Mcafee, Inc. System and method for below-operating system regulation and control of self-modifying code
US8959638B2 (en) 2011-03-29 2015-02-17 Mcafee, Inc. System and method for below-operating system trapping and securing of interdriver communication
US9317690B2 (en) 2011-03-28 2016-04-19 Mcafee, Inc. System and method for firmware based anti-malware security
US8925089B2 (en) 2011-03-29 2014-12-30 Mcafee, Inc. System and method for below-operating system modification of malicious code on an electronic device
US9032525B2 (en) 2011-03-29 2015-05-12 Mcafee, Inc. System and method for below-operating system trapping of driver filter attachment
US9087199B2 (en) * 2011-03-31 2015-07-21 Mcafee, Inc. System and method for providing a secured operating system execution environment
US8863283B2 (en) 2011-03-31 2014-10-14 Mcafee, Inc. System and method for securing access to system calls
US8966624B2 (en) 2011-03-31 2015-02-24 Mcafee, Inc. System and method for securing an input/output path of an application against malware with a below-operating system security agent
US8966629B2 (en) 2011-03-31 2015-02-24 Mcafee, Inc. System and method for below-operating system trapping of driver loading and unloading
US9038176B2 (en) 2011-03-31 2015-05-19 Mcafee, Inc. System and method for below-operating system trapping and securing loading of code into memory
JP5708197B2 (en) * 2011-04-21 2015-04-30 富士ゼロックス株式会社 Information processing apparatus and program
CN102194072B (en) * 2011-06-03 2012-11-14 奇智软件(北京)有限公司 Method, device and system used for handling computer virus
US9076008B1 (en) * 2011-06-27 2015-07-07 Amazon Technologies, Inc. Content protection on an electronic device
US8631244B1 (en) 2011-08-11 2014-01-14 Rockwell Collins, Inc. System and method for preventing computer malware from exfiltrating data from a user computer in a network via the internet
US9059853B1 (en) 2012-02-22 2015-06-16 Rockwell Collins, Inc. System and method for preventing a computing device from obtaining unauthorized access to a secure network or trusted computing environment
EP2831787B1 (en) * 2012-03-30 2020-07-08 Irdeto B.V. Method and system for preventing and detecting security threats
US8661246B1 (en) 2012-04-09 2014-02-25 Rockwell Collins, Inc. System and method for protecting certificate applications using a hardened proxy
US8984582B2 (en) * 2012-08-14 2015-03-17 Confidela Ltd. System and method for secure synchronization of data across multiple computing devices
CN102932530B (en) * 2012-09-27 2014-12-31 东莞宇龙通信科技有限公司 Mobile terminal and file processing method for same
JP6091144B2 (en) * 2012-10-10 2017-03-08 キヤノン株式会社 Image processing apparatus, control method therefor, and program
EP2956883B1 (en) * 2013-02-14 2017-03-22 VMware, Inc. Method and apparatus for application awareness in a network
US9560103B2 (en) * 2013-06-26 2017-01-31 Echostar Technologies L.L.C. Custom video content
US9430674B2 (en) 2014-04-16 2016-08-30 Bank Of America Corporation Secure data access
US9378384B2 (en) 2014-04-16 2016-06-28 Bank Of America Corporation Secure endpoint file export in a business environment
US9432369B2 (en) * 2014-04-16 2016-08-30 Bank Of America Corporation Secure data containers
RU2584505C2 (en) * 2014-04-18 2016-05-20 Закрытое акционерное общество "Лаборатория Касперского" System and method for filtering files to control applications
US10277601B1 (en) 2015-05-11 2019-04-30 Google Llc System and method for recursive propagating application access control
KR20170019762A (en) * 2015-08-12 2017-02-22 삼성전자주식회사 Electronic device for controlling file sysytem and operating method thereof
WO2017095364A1 (en) * 2015-11-30 2017-06-08 Hewlett Packard Enterprise Development Lp Managing access of objects of a plurality of types
ES2699703T3 (en) * 2016-03-17 2019-02-12 HD PLUS GmbH Procedure and system to generate a list of access to media channels
US10356113B2 (en) * 2016-07-11 2019-07-16 Korea Electric Power Corporation Apparatus and method for detecting abnormal behavior
US10817492B2 (en) * 2017-05-05 2020-10-27 Servicenow, Inc. Application extension
US11062021B2 (en) * 2017-08-29 2021-07-13 NortonLifeLock Inc. Systems and methods for preventing malicious applications from exploiting application services
CN109359092B (en) * 2018-09-27 2023-05-26 腾讯科技(深圳)有限公司 File management method, desktop display method, device, terminal and medium
US11029970B2 (en) * 2018-10-24 2021-06-08 Sap Se Operating system extension framework
US10990673B1 (en) 2019-05-24 2021-04-27 Trend Micro Inc. Protection of antivirus daemon in a computer
US11503124B1 (en) * 2021-05-21 2022-11-15 Red Hat, Inc. Managing resource utilization in edge-computing systems
CN113221194B (en) * 2021-06-07 2024-03-08 云尖(北京)软件有限公司 Tamper web page hybrid detection technology

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020174369A1 (en) * 2001-04-24 2002-11-21 Hitachi, Ltd. Trusted computer system
US20030120601A1 (en) * 2001-12-12 2003-06-26 Secretseal Inc. Dynamic evaluation of access rights
US20050251508A1 (en) * 2004-05-10 2005-11-10 Masaaki Shimizu Program and method for file access control in a storage system
US20060120526A1 (en) * 2003-02-28 2006-06-08 Peter Boucher Access control to files based on source information
US20080189767A1 (en) * 2007-02-01 2008-08-07 Microsoft Corporation Accessing file resources outside a security boundary

Family Cites Families (23)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0676069B1 (en) * 1992-12-28 1998-03-11 Apple Computer, Inc. File translation system
US6047312A (en) * 1995-07-07 2000-04-04 Novell, Inc. System for replicating and associating file types with application programs among plurality of partitions in a server
US5974572A (en) * 1996-10-15 1999-10-26 Mercury Interactive Corporation Software system and methods for generating a load test using a server access log
US6026402A (en) * 1998-01-07 2000-02-15 Hewlett-Packard Company Process restriction within file system hierarchies
US7536524B2 (en) * 1998-07-31 2009-05-19 Kom Networks Inc. Method and system for providing restricted access to a storage medium
US6549916B1 (en) * 1999-08-05 2003-04-15 Oracle Corporation Event notification system tied to a file system
US6907421B1 (en) * 2000-05-16 2005-06-14 Ensim Corporation Regulating file access rates according to file type
US6662186B1 (en) * 2000-07-14 2003-12-09 Hewlett-Packard Development Company, L.P. System and method for a data propagation file format
US20080021936A1 (en) * 2000-10-26 2008-01-24 Reynolds Mark L Tools and techniques for original digital files
US8032542B2 (en) * 2000-10-26 2011-10-04 Reynolds Mark L Creating, verifying, managing, and using original digital files
US20040015890A1 (en) * 2001-05-11 2004-01-22 Windriver Systems, Inc. System and method for adapting files for backward compatibility
US6917953B2 (en) * 2001-12-17 2005-07-12 International Business Machines Corporation System and method for verifying database security across multiple platforms
US6931530B2 (en) * 2002-07-22 2005-08-16 Vormetric, Inc. Secure network file access controller implementing access control and auditing
GB2398134A (en) * 2003-01-27 2004-08-11 Hewlett Packard Co Applying a data handing policy to predetermined system calls
US7401105B2 (en) * 2003-10-02 2008-07-15 International Business Machines Corporation Method, system, and program product for retrieving file processing software
US7660999B2 (en) * 2004-06-22 2010-02-09 Microsoft Corporation MIME handling security enforcement
WO2007142615A2 (en) * 2005-02-18 2007-12-13 Credant Technologies, Inc. System and method for intelligence based security
US7840573B2 (en) * 2005-02-22 2010-11-23 Trusted Computer Solutions Trusted file relabeler
US20060259948A1 (en) * 2005-05-12 2006-11-16 International Business Machines Corporation Integrated document handling in distributed collaborative applications
US8126856B2 (en) * 2005-05-26 2012-02-28 Hewlett-Packard Development Company, L.P. File access management system
US7613918B2 (en) * 2006-02-16 2009-11-03 Finjan Software Ltd. System and method for enforcing a security context on a downloadable
US20080101613A1 (en) * 2006-10-27 2008-05-01 Brunts Randall T Autonomous Field Reprogramming
US20080229419A1 (en) * 2007-03-16 2008-09-18 Microsoft Corporation Automated identification of firewall malware scanner deficiencies

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020174369A1 (en) * 2001-04-24 2002-11-21 Hitachi, Ltd. Trusted computer system
US20030120601A1 (en) * 2001-12-12 2003-06-26 Secretseal Inc. Dynamic evaluation of access rights
US20060120526A1 (en) * 2003-02-28 2006-06-08 Peter Boucher Access control to files based on source information
US20050251508A1 (en) * 2004-05-10 2005-11-10 Masaaki Shimizu Program and method for file access control in a storage system
US20080189767A1 (en) * 2007-02-01 2008-08-07 Microsoft Corporation Accessing file resources outside a security boundary

Also Published As

Publication number Publication date
US20100122313A1 (en) 2010-05-13
WO2010053739A2 (en) 2010-05-14

Similar Documents

Publication Publication Date Title
WO2010053739A3 (en) Method and system for restricting file access in a computer system
Stewart Eight days: the battle to save the american financial system
WO2010065271A3 (en) Systems and methods for providing continuous file protection at block level
WO2008092031A3 (en) Computer system architecture having isolated file system management for secure and reliable data processing
WO2008051792A3 (en) Data file access control
WO2007005048A3 (en) Methods and apparatus for implementing context-dependent file security
WO2009155146A3 (en) Digitally signing documents using identity context information
Bjørling et al. The Necessary Death of the Block Device Interface.
McCrudden Procurement and fairness in the workplace
Carraro et al. FEEM Sustainability Index Methodological Report 2011
WO2008033939A3 (en) Contextually analyzing data in tabular and graphical reports
WO2008114316A1 (en) Electronic document management device and electronic document management program
Kolokolova et al. Systematic and idiosyncratic risks of changes in CDS spreads
Milosevic Android Security: Malicious use of Android permissions
Habbig Privacy, data protection and medical apps–a threat to patient safety?
Kviatek Regaining the organisational trust in the fossil fuel industry: challenges and opportunities
Dunne Artwork published in Abridged Magazine
Csurcsia et al. B-spline based nonparametric system identification
Egan Policing intermediaries in the EU anti-money laundering framework
McEwan There is no such thing as a male midwife!
Eckert et al. Document interoperability. Open document format and office open XML
WEST Evidence-based policing: An inconvenient truth?
Hartill et al. The Future of Safeguarding in Sport
Woods Integrating risk management with performance management
Boulus-Rødje The Travel to the Hidden Lives of the Electronic Medical Record (EMR): Society for Social Studies of Science

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 09825220

Country of ref document: EP

Kind code of ref document: A2

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 09825220

Country of ref document: EP

Kind code of ref document: A2